Creates an instance of TrustAnchor with the specified X509Certificate and optional name constraints, which are intended to be used as additional constraints when validating an X.509 certification path. The name constraints are specified as a byte array. This byte array should contain the DER encoded form of the name constraints, as they would appear in the NameConstraints structure defined in RFC 2459 and X.509. The ASN.1 definition of this structure appears below. 
            	NameConstraints ::= SEQUENCE {
            		permittedSubtrees       [0]     GeneralSubtrees OPTIONAL,
            		excludedSubtrees        [1]     GeneralSubtrees OPTIONAL }
            	   
             GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
             
            		GeneralSubtree ::= SEQUENCE {
            		base                    GeneralName,
            		minimum         [0]     BaseDistance DEFAULT 0,
            		maximum         [1]     BaseDistance OPTIONAL }
            		
            		BaseDistance ::= INTEGER (0..MAX)
            
            		GeneralName ::= CHOICE {
            		otherName                       [0]     OtherName,
            		rfc822Name                      [1]     IA5String,
            		dNSName                         [2]     IA5String,
            		x400Address                     [3]     ORAddress,
            		directoryName                   [4]     Name,
            		ediPartyName                    [5]     EDIPartyName,
            		uniformResourceIdentifier       [6]     IA5String,
            		iPAddress                       [7]     OCTET STRING,
            		registeredID                    [8]     OBJECT IDENTIFIER}
Note that the name constraints byte array supplied is cloned to protect against subsequent modifications.

Namespace: Org.BouncyCastle.Pkix
Assembly: ITextSharp (in ITextSharp.dll) Version: 4.1.6.0

Syntax

C#
public TrustAnchor(
	X509Certificate trustedCert,
	byte[] nameConstraints
)
Visual Basic
Public Sub New ( _
	trustedCert As X509Certificate, _
	nameConstraints As Byte() _
)
Visual C++
public:
TrustAnchor(
	X509Certificate^ trustedCert, 
	array<unsigned char>^ nameConstraints
)

Parameters

trustedCert
Type: Org.BouncyCastle.X509..::..X509Certificate
a trusted X509Certificate
nameConstraints
Type: array<System..::..Byte>[]()[][]
a byte array containing the ASN.1 DER encoding of a NameConstraints extension to be used for checking name constraints. Only the value of the extension is included, not the OID or criticality flag. Specify null to omit the parameter.

Exceptions

ExceptionCondition
System..::..ArgumentNullExceptionif the specified X509Certificate is null

See Also